diff --git a/requirements.in b/requirements.in index 84c58d44..e44799f4 100644 --- a/requirements.in +++ b/requirements.in @@ -1,7 +1,6 @@ h_vialib uwsgi pywb -jinja2 whitenoise newrelic h-checkmatelib diff --git a/requirements.txt b/requirements.txt index 1b477d74..01ae155b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,11 +17,11 @@ fakeredis==0.16.0 # via pywb future==0.18.2 # via h-checkmatelib gevent==1.4.0 # via pywb greenlet==0.4.16 # via gevent -h-checkmatelib==1.0.2 # via -r requirements.in +h-checkmatelib==1.0.3 # via -r requirements.in h-vialib==1.0.0 # via -r requirements.in idna==2.10 # via requests, tldextract importlib-metadata==2.0.0 # via jsonschema -jinja2==2.11.2 # via -r requirements.in, pywb +jinja2==2.11.2 # via pywb jsonschema==3.2.0 # via h-checkmatelib markupsafe==1.1.1 # via jinja2 newrelic==5.22.1.152 # via -r requirements.in diff --git a/static/static/css/wrapper-style.css b/static/static/css/wrapper-style.css deleted file mode 100644 index 8c969238..00000000 --- a/static/static/css/wrapper-style.css +++ /dev/null @@ -1,146 +0,0 @@ -/** -* Eric Meyer's Reset CSS v2.0 (http://meyerweb.com/eric/tools/css/reset/) -* http://cssreset.com -*/ -html, body, div, span, applet, object, iframe, -h1, h2, h3, h4, h5, h6, p, blockquote, pre, -a, abbr, acronym, address, big, cite, code, -del, dfn, em, img, ins, kbd, q, s, samp, -small, strike, strong, sub, sup, tt, var, -b, u, i, center, -dl, dt, dd, ol, ul, li, -fieldset, form, label, legend, -table, caption, tbody, tfoot, thead, tr, th, td, -article, aside, canvas, details, embed, -figure, figcaption, footer, header, hgroup, -menu, nav, output, ruby, section, summary, -time, mark, audio, video { - margin: 0; - padding: 0; - border: 0; - font-size: 100%; - font: inherit; - vertical-align: baseline; -} -/* HTML5 display-role reset for older browsers */ -article, aside, details, figcaption, figure, -footer, header, hgroup, menu, nav, section { - display: block; -} -body { - line-height: 1; -} -ol, ul { - list-style: none; -} -blockquote, q { - quotes: none; -} -blockquote:before, blockquote:after, -q:before, q:after { - content: ''; - content: none; -} -table { - border-collapse: collapse; - border-spacing: 0; -} - -/* page style */ -body { - background-color: #ececec; - margin: 0 auto; - color: #333333; - max-width: 960px; - font-family: 'Source Sans Pro', sans-serif; - -webkit-font-smoothing: antialiased; - text-align: center; -} - -header { - padding: 100px 0 0 0; -} - -header, article { - text-align: left; - margin: 0 auto; - max-width: 600px; -} - -p, ol { - font-size: 20px; - line-height: 27px; - padding-bottom: 30px; - max-width: 600px; - margin: 0 auto; -} - -strong { - font-weight: 700; -} - -h1 { - font-weight: 700; - font-size: 20px; - line-height: 27px; -} - -p a, li a { - border-bottom: 1px solid #DCDCDC; - text-decoration: none; - color: #333333; -} - -ol { - list-style-type: decimal; - padding-left: 17px; -} - -ol li { - font-size: 20px; - line-height: 27px; - padding-bottom: 30px; -} - -a:hover { - color: #333333; -} - -footer { - padding: 90px 0; -} - -#footer-logo { - display:inline-block; - width: 24px; - height:28px; - background: url(data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAADAAAAA4CAQAAAARWLNhAAABgUlEQVR42u2Yz0rDQBDGhwpKe6wUSXspepE+gGfv+gCtPaTv4EMIHrx7K0iepILXmQ2btAQECYmXnoSWStUYxNLdNmoKsyCab2677P6WbybZPwAwapCDESbMEZEzasDH9GP2yT+DxikiXX1iLsgBA+ZoRoHR6dMoAJsDQBHOC0ABKAB/APCCUzwX+3I7Kfm78kic4Q3NWAFkw4rcA7xlA9AAMhSWacAEcI8hU34zv1HfAr4WXhsGuCdMADwlF6c0o3txEewogD0WgDikZ+UIcrnsSbbojaNMr7QzzoNWYU8cZXqnAV6TEjfgUe8Ly8wAnJgGzP8PgELqeJZnUYdCAwAKZXXRLqs6ggfQ1mqvzQ7wLHWUZ7EDhnV11LDODhBd7Q/W5a+iKKgt2oOafin7adPP+x3EZPvNdKezMS6uUL8PYPoibvwpwfhjiPHnnDyifub6+sCluIJyDSDjCvBJtlYOABPZAl6JngoQPeDXMhOM7mdmgtf9tUzwu69nYlP33wEjM9swn4BymAAAAABJRU5ErkJggg==); - background-size: 24px 28px; - - font-size:0; -} - -@media (max-width: 800px) { - body {padding: 2em 1em;} - header {padding: 50px 0; font-size: 36px; line-height: 42px;} - h1 {font-size: 48px; line-height: 48px;} - p, ol li {font-size: 18px; line-height: 24px;} -} - -/* Add exceptions for malicious view */ - -.icon.danger { - display: block; - height: 64px; - margin-bottom:10px; - background: url('../img/warning.svg'); - background-size: 64px 64px; - background-position: center; - background-repeat: no-repeat; -} - -body.danger { - color:white; - background-color: #aa0000; -} - diff --git a/static/static/img/warning.svg b/static/static/img/warning.svg deleted file mode 100644 index 0de7b75e..00000000 --- a/static/static/img/warning.svg +++ /dev/null @@ -1 +0,0 @@ - \ No newline at end of file diff --git a/tests/unit/viahtml/views/blocklist_test.py b/tests/unit/viahtml/views/blocklist_test.py index cb65838e..165f5dab 100644 --- a/tests/unit/viahtml/views/blocklist_test.py +++ b/tests/unit/viahtml/views/blocklist_test.py @@ -2,7 +2,6 @@ import pytest from checkmatelib.exceptions import CheckmateException -from h_matchers import Any from viahtml.views.blocklist import BlocklistView @@ -48,25 +47,17 @@ def test_if_a_call_to_checkmate_fails_it_does_nothing(self, view, start_response assert result is None - @pytest.mark.parametrize( - "block_reason,expected_heading", - ( - ("malicious", "Deceptive site ahead"), - ("publisher-blocked", "Content not available"), - ("anything-else-at-all", "Content cannot be annotated"), - ), - ) - def test_blocking(self, view, block_reason, start_response, expected_heading): - view.checkmate.check_url.return_value.reason_codes = [block_reason] + def test_blocking(self, view, start_response): + blocked_response = view.checkmate.check_url.return_value + blocked_response.reason_codes = ["some_reason"] result = view("/proxy/http://example.com", {}, start_response) start_response.assert_called_once_with( - "403 Forbidden", [("Content-Type", "text/html; charset=utf-8")] + "307 Temporary Redirect", [("Location", blocked_response.presentation_url)] ) - assert result == Any.list.of_size(1) - assert expected_heading in result[0].decode("utf-8") + assert result == [] @pytest.fixture def start_response(self): diff --git a/viahtml/templates/viahtml/blocked_page.html.jinja2 b/viahtml/templates/viahtml/blocked_page.html.jinja2 deleted file mode 100644 index 4b6778b8..00000000 --- a/viahtml/templates/viahtml/blocked_page.html.jinja2 +++ /dev/null @@ -1,90 +0,0 @@ -{% extends "viahtml/wrapper.html.jinja2" %} - -{% block title %} - Content not available -{% endblock %} - -{% macro how_to_access() %} -

- To view the annotations on this page: -

- -
    -
  1. - Follow the instructions - on our homepage to install our browser extension. -
    2. -
  2. - Visit the page directly at - {{ url_to_annotate }} - and click on the extension icon to see the annotations. -
    3. -
-{% endmacro %} - -{% macro bad_site_ahead() %} -

- Attackers on the site may trick you into doing - something dangerous like installing software - or revealing your personal information (for example, passwords, - phone numbers or credit cards). -

- - {# Do what we can to prevent the user from selecting the text #} -

- Original URL: {{ url_to_annotate }} -

-{% endmacro %} - -{% block body_attrs %} - {% if reason == "malicious" %} - class="danger" - {% endif %} -{% endblock %} - -{% block content %} - {% if reason == "malicious" %} - {% set text = { - "heading": "
Deceptive site ahead", - "details": "This site is not available through Hypothesis because - it might be hosting harmful content." - } %} - - {% elif reason == "publisher-blocked" %} - {% set text = { - "heading": "Content not available", - "details": "Unfortunately, the publisher of this page has requested - that we disallow access to it through this Hypothesis service. - That means we can't show you the page you were looking for - right away…" - } %} - - {% else %} - {% set text = { - "heading": "Content cannot be annotated", - "details": "Unfortunately, the contents of this page cannot be - annotated through this Hypothesis service." - } %} - {% endif %} - - -
-

{{ text.heading }}

-
- -
-

{{ text.details }}

- - {% if reason == "malicious" %} - {{ bad_site_ahead()}} - {% else %} - {{ how_to_access() }} - {% endif %} -
- -{% endblock %} \ No newline at end of file diff --git a/viahtml/templates/viahtml/wrapper.html.jinja2 b/viahtml/templates/viahtml/wrapper.html.jinja2 deleted file mode 100644 index e9cb0c60..00000000 --- a/viahtml/templates/viahtml/wrapper.html.jinja2 +++ /dev/null @@ -1,26 +0,0 @@ - - - - {% block title %}Via{% endblock %} - - - - - - - - - - {% block content %} - {% endblock %} - - - diff --git a/viahtml/views/blocklist.py b/viahtml/views/blocklist.py index f42f89b7..fbdd96ea 100644 --- a/viahtml/views/blocklist.py +++ b/viahtml/views/blocklist.py @@ -1,12 +1,9 @@ """The blocklist view.""" -import os import re from logging import getLogger from checkmatelib import CheckmateClient, CheckmateException -from jinja2 import Environment, FileSystemLoader, select_autoescape -from pkg_resources import resource_filename LOG = getLogger(__name__) @@ -16,13 +13,6 @@ class BlocklistView: PROXY_PATTERN = re.compile(r"^/proxy/(?:[a-z]{2}_/)?(.*)$") - JINJA_ENV = Environment( - loader=FileSystemLoader( - os.path.abspath(resource_filename("viahtml", "templates")) - ), - autoescape=select_autoescape(["html", "xml"]), - ) - def __init__(self, checkmate_host): self.checkmate = CheckmateClient(checkmate_host) @@ -49,16 +39,16 @@ def __call__(self, path, environ, start_response): return None try: - hits = self.checkmate.check_url(url, allow_all=True) + blocked = self.checkmate.check_url(url, allow_all=True) except CheckmateException as err: LOG.warning("Failed to check URL against Checkmate: %s", err) return None - if not hits: + if not blocked: return None - start_response("403 Forbidden", [("Content-Type", "text/html; charset=utf-8")]) - - template = self.JINJA_ENV.get_template("viahtml/blocked_page.html.jinja2") - content = template.render(reason=hits.reason_codes[0], url_to_annotate=url) - return [content.encode("utf-8")] + # Redirect the user to the presentation URL given to us by Checkmate + start_response( + "307 Temporary Redirect", [("Location", blocked.presentation_url)] + ) + return []